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Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

1. (Currently Amended) A method fer-^rev iding an access candi da te access to 
s ecured electronic data, the meth od comprising: 

receivin g, using a processing device, a first request , from a first sponsor of an 
access candidate, for access candidate access to [[the]] a first security level in a computer 
network, wherein the first security level secured secures computational resources for 
accessing electronic data; by a controller associated with the secured electronic data; 

granting, using the processing device, access to the first security level based on 
an evaluation of the first request; 

receiving, using the processing device, a second request, from a second sponsor 
of the access candidate, for access to a second security level in the computer network in 
response to the granting of access to the first security level, wherein the second security 
level secures the electronic data; 

co mparing, at the controller, one or more attributes of the access candidate with one or 
more access requirements associated with the secured electronic data; 

determining, using the processing device, whether attributes of the access 
candidate satisfy access requirements of the electronic data secured by the second 
security level; 

submitting, by the controller using the processing device , a third request for 
authorization to a resolution authorit y, which is configured to modify the one or mor e 
a c c es s re quirements, in response to a comparison that indicates determination indicating 
that access by the access e andidate to the second security level is prohibited , wherein the 
resolution authority modifies the access requirements ; and 

in response to obtaining the authorization from the resolution authority, granting 
the access candidate th e a ee ess candidate access to the se cu r ed elect ro n ic data second 
security level, if-th e resolution authority provides auth orization for-sueh-^eeessr 
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2. (Currently Amended) The method as-4» of Claim 1, further comprising granting 
the acc e ss candidate access to the secured electronic data second security level in 
response to determining that the attributes of the access candidate satisfy the access 
requirements of the electronic data, a comparison that indicates t hat access by the a eees-s 
eandidate4 s not pr oMbitedT 

3. (Currently Amended) The method as-4n of Claim [[2]] 1, further comprising 
denying the access candidate access to the secured electronic data second security level if 
the resolution authority denies authorization, the third request. 



4. (Currently Amended) The method as-4n of Claim 1, wherein the one or more 
access requirements associated with the secured electronic data are represented as part of 
a graphical display associated with the access candidate and accessed for display to 
[[the]] a controller via a network. 



5. (Currently Amended) The method as-4n of Claim 1, wherein the one or more 

ef comprise a citizenship status of the access candidate or a current location of the access 
candidate. 



6. (Currently Amended) The method as-in of Claim 5, wherein the one or more 
attributes of the access candidate r e lates to the at least one of a comprise a citizenship 
status of the access candidate or a current location of the access candidate. 



7. (Currently Amended) In a data security syst e m having a first security— bvel 
securi ng one er-me re resources for manipulating electronic data -an d a sec end-seeurity 
level -securing access to the electronic data by the one or mor ^e^ffi^e^Sj-^Hmethed-^er 
prev4dmg-afl-aee css candidate access to the electronic data, th e A method comprising: 

receiving , using a processing device, a first request , from a first sponsor of an 
access candidate, for physical access to [[the]] a computer network; fest-seeurity level; 
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, using the processing device, physical access to the computer network 



granting, 



based on an evaluation of the first request; 

receiving, using the processing device, a second request, from a second sponsor 
of the access candidate, for access to electronic data in the computer network in response 
to the granting of physical access to the computer network; 



■ g r anting th e-f 



s candidate access t > 
re attributes of the c 



ety l e v e l i 



?spe ase to t 



3 candidate with ( 



e^mparisen-of-e 

requirem ents associated with the first security level that indicates that access to -4he-fest 
secur it y l evel b y the access candidate is n e t prohibited; 

receiving a request for access to the second security leve if 

determining, using the processing device, whether attributes of the access 
candidate satisfy access requirements of the electronic data; 

submitting , using the processing device, a third request for authorization to a 

associated with the second security level, in response to a comparison of one or more 
attributes of the access candidate with the one or more access requirements associated 
with the second security level that indicates determination indicating that access to the 
second security level by the access candidate electronic data is prohibited , wherein the 
resolution authority modifies the access requirements ; and 

in response to obtaining the authorization from the resolution authority, granting 
the access candidate access to the second security level electronic data, if t he res olution 

8 . (Currently Amended) The method as4n of Claim 7, further comprising: 

comparing the attributes of the access candidate with the access requirements of 

the electronic data to determine if access to the electronic data is prohibited; and 

granting fee-aee ess candidat e access to the s e cond s eeuri ty l e vel electronic data in 

response to if the comparison of the one or more attributes ef-4h e access can didate w ith 

the- 



„.„ j- ^-equirements associated with fee-seeend-security level th at 

indicates that access to the second security level by t he-aee ess ca ndidate electronic data 
is not prohibited. 
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9. (Currently Amended) The method as-in of Claim 7, further comprising denying 
th e acc es s candida te access to the second security level electronic data if the resolution 
authority denies authorization, the third request. 

10. (Currently Amended) The method as-m of Claim 7, wherein the-one-or-mofe 
attrifeutes-of the attributes of the access candidate access candidate are represented as part 
of a graphical display associated with the access candidate and accessed for display via a 
network. 

1 1 . (Currently Amended) The method as-4n of Claim 7, wherein the one or more 
access requirements associat e d with the first security level relates to at least one -ofe of 
the electronic data comprise a valid data access agreement with the access candidate; a 
current location of the access candidate; or[[,]] a citizenship status of the access 
candidate. 

12. (Currently Amended) The method as-4» of Claim 11, wherein the one or more 
attributes of the access candidate r e lates to at least one of: comprise [[the]] an existence 
of a data access agreement; a current location of the access candidate; or[[,]] a 
citizenship status of the access candidate. 

13. (Currently Amended) The method as in Claim 7, wherein the one or mo re access 
requirements associated with the second security level relates to at least -one of the 
electronic data comprise a current location of the access candidate or a citizenship status 
of the access candidate. 

14. (Currently Amended) The method as-4n of Claim 7, wherein at least one of the 
request for physical access to the first security level or the request for access to the 
electronic data second- security level is submitted by one or m ere-spensorsr more than 
one sponsor of the access candidate. 
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15. (Currently Amended) In a data security system h avin g a first s eeurity-4evei 
seeur4ng--eH^-eiHHater^-fese urces for manipulating electronic da te-and-a-see^d-security 
level-securing the e lectronic data, a method for providing an access can didate-aeeess-to 
the elect ro nic data, th e A method comprising: 

identifyin g, using a processing device, a plurality of data subsets of [[the]] 
electronic dat a, wherein respective data subsets correspond to respective sets of access 
requirements ; 

determining, for each data subset using the processing device , at least one data 
class associated with the respective data s ubs et subsets , the at least one data class 
identifying at least a citizenship requirement and a location requirement for access to 
data associated with the at least one data class; 

receiving, using the processing device, a first request, from a first sponsor of 
[[the]] an access candidate, a rcqucot for access to [[the]] a first security level in_a 
computer network, wherein the first security level secures physical access to a computer 
workstation for accessing the electronic data , the first request including access attributes 
of the access candidate comprising an indication of a citizenship status of the access 
candidate, an indication of a current location of the access candidate, and an indication of 
an existence of a data access agreement with the access candidate; 

granting , using the processing device, the access candida te access to the first 
security level based at least in part on an evaluation of the first request; for access to the 
f4rst4evelt 

receiving, using the processing device, a second request, from a second sponsor 
of the access candidate, a request for access to a second security level in the computer 
network in response to the granting of access to the first security level, wherein the 
second security level secures access to at least one of the plurality of data subset subsets; 
at the seco n d s e curity level in response to an indication that access t e-fee^irsf-seeurity 
l e vel has be en-g^aBted T 4he-¥eq ucst for access to the at least on e data su %se^4n^ludmg-an 
mdieatien^f^^feeftsli ip status of the access candidate ancl^n4ndieatiofl^>f-a--ettfFent 
-locatien-ef-t he access ca ndidatef 
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determining, using the processing device, whether the attributes of the access 
candidate satisfy the respective set of access requirements corresponding to the at least 
one of the plurality of data subsets; 

submittin g, using the processing device, a third request for authorization to a 
resolution authority, which is configured to modify access requireiBeH-ts-asse€4atetl-wrth 
the at least o ne data class, in response to a comparison of the citizenship sta tes-and-the 
6ttfrent-4ocation of the access candidate with the respective citizenship -^ftifeffienf-aB4 
tocation requirement of the at least one data class of the requested data -suhset-feat 
indicat e s determination indicating that access to a requested data subs e t at the seco nd 
level by the access candidate the at least one of the plurality of data subsets is prohibited 1 
wherein the resolution authority modifies the access requirements ; and 

in response to obtaining the authorization from the resolution authority, granting 
the access candidate access to the requested at least one data subset at the second security 
level if the resolution authority grants the third request, provides authorization upon 
receipt of the request for authorization. 

16. (Currently Amended) A system for providing an access candidate access t o 
s e cured ele ctronic data, the system comprising: 

storage c onfigured to receive and store the means for receiving and storing 
electronic data using a computer network ; 

o ne or more resources configured to access and manipulate the electron ic-date? 

means for evaluating a first request for access candidate access to [[the]] one or 
more resources [[,]] in the computer network, wherein the resources secure the electronic 
data, and wherein [[the]] an evaluation of the first request includes a first comparison of 
one or more attributes of the access candidate with one or more access requirements 
associated with the on e or more resources electronic data ; 

means for granting t he access candidate access to the one or more resources if the 
first comparison indicates that access is not prohibited; 

means for evaluating a second request for access candidat e access to the 
electronic data by the one or more resources, wherein [[the]] an evaluation of the second 
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request includes a second comparison of one or more attributes of the access candidate 
with one or more access requirements associated with the electronic data; 

means for submitting a third request for authorization , based on the evaluation of 
the second request indicating that access to the electronic data is prohibited, to a 
resolution authority, which is configured to modify wherein the resolution authority 
modifies the one or more access requirements ; and , if the second comparison indica tes 
t hat access to the electronic data by th o access candidate is prohibrt edf^nd 

means for granting , in response to obtaining the authorization from the resolution 
authority, the access candidate access to the electronic data using the one or more 
resources based on a grant, by the resolution authority, of the third request, if the 
resolution authority provides authorization. 

17. (Currently Amended) The system as-4» of Claim 16, further comprising means 
for granting the access candidate access to the electronic data using [[the]] one or more 
resources configured to access and manipulate the electronic data if the second 
comparison indicates that access to the electronic data by the access candidate is not 
prohibited. 

18. (Currently Amended) The system as-4ft of Claim 16, wherein the access 
candidate is denied access to the electronic data if the resolution authority denies 
authorization. 

19. (Currently Amended) The system as-ia of Claim 16, wherein the ene-or-mere 
attributes of the access candidate attributes are represented as part of a graphical display 
associated with the access candidate and accessed for display via a network. 

20. (Currently Amended) The system as-m of Claim 16, wherein the one or more 
access requirements associated with the one or more res ources relates to at least one of: 
a valid data access agreement with a potential access candidate; a current location of the 
potential access candidate; or[[, ]] a citizenship status of the potential access candidate. 
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21. (Currently Amended) The system as-in of Claim 20, wherein the ene-erHEnere 
attributes of the access candidate attributes relates relate to at least one of: an indication 
an existence of a data access agreement with the access candidate; a current location of 
the access candidate; or[[,]] a citizenship status of the access candidate. 

22. (Currently Amended) The system as-in of Claim 16, wherein the one or more 
access requirements associated with the electronic data includes at least one of a current 
location of the access candidate or a citizenship status of the access candidate. 

23. (Currently Amended) A system for providing an access candidate access t e 
s ecured electronic data, the electronic data being associated with one or mor e-data 
classes, each data class identifying at least a citizenship requirement and a locati on 
requirement for access to data associated with the data class, the system comprising: 

storage configured to receive and store [[the]] electronic data using a computer 
network ; 

one or more resources configured to process and manipulate the electronic data 
using a computer network ; 

a resource access controller configured to grant access to [[the]] one or more 
resources, in response to a request for access to the one or more resources, based at least 
in part on a comparison of a citizenship status and a current location of [[the]] an access 
candidate and an existence of a data access agreement with a citizenship requirement, 
wherein the location requirement and the data access agreement requirement are 
associated with the one or more resources; 

one or more data access controllers configured to grant access to a corresponding 
portion of the electronic data based at least in part on a comparison of the citizenship 
status and the current location of the access candidate with the citizenship requirement 
and the location requirement associated with the one or more data classes of the 
corresponding portion of the electronic data; 

one or more resolution authorities , which a re configured to; 

modify access requirements associated with the one or more data classes, 
co nfigured te and 
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authorize access to one or more portions of the electronic data in response 



to a comparison performed by a corresponding data access controller indicating that 
indicate s access is prohibited; and 

a data access module configured to: 



secured electronic data, the method comprising: 

receiving, [[by]] using a controller in a computer network associated with [[the]] 
secured electronic data, a request for access to [[the]] secured electronic data in the 
computer network ; 

comparing, [[at]] using the controller, one or more attributes of [[the]] an access 
candidate with one or more access requirements associated with the secured electronic 
data; 

submitting, [[by]] using the controller and based on a comparison indicating that 
access by the access candidate is prohibited , a request for authorization to a resolution 
authority, which is configured to modify wherein the resolution authority modifies the 
one or more access requirements; , in response to a -ee mparison that indicates t hat acc es s 
by-4h e access candidate is prohibited; and 

granting or denying in whole or in part, [[by]] using the controller, in-who l e or in 
par%4he-aee e s s candidate access to the secured electronic data based, at least in part, on a 
determination by the resolution authority regarding whether to authorize access ef-4he 
access candidate to the secured electronic data, wherein the determination by the 
resolution authority is based on access candidate information and request related 
information. 




24. (Currently Amended) A method for determin ing- 



candidate 



4© 
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25. (Currently Amended) The method as-m of Claim 24, further comprising granting 
th e ac eess-eamlktate access to the secured electronic data in response to a comparison 
that indicates indicating that access by the access candidate is not prohibited. 

26. (Currently Amended) The method as4n of Claim 24, wherein the one or more 
access requirements associated with the secured electronic data are represented as part of 
a graphical display associated with the access candidate and accessed for display to the 
controller via a network. 

27. (Currently Amended) The method as-4n of Claim 24, wherein the one or more 
access requirements associated with the secured electronic data are related to at least one 
of a citizenship status or a current location of the access candidate. 

28. (Currently Amended) The method as-4» Claim 27, wherein the one or more 
attributes of the access candidate includes at least one of a citizenship status or a current 
location of the access candidate. 

29. (Currently Amended) A method for determining an access candidate access to 
s ecured electronic data, the method comprising: 

receiving, [[by]] using a controller in a computer network associated with [[the]] 
secured electronic data in the computer network , a request for access to the secured 
electronic data in the computer network ; 

comparing, [[at]] using the controller, one or more attributes of [[the]] an access 
candidate with one or more access requirements associated with the secured electronic 
data; 

granting , using the controller, t he access candida te access to the secured 
electronic data in response to a comparison that indicates indicating that access by the 
access candidate is not prohibited; [[and]] 

submitting, [[by]] using the controller and in response to a comparison indicating 
that access by the access candidate is prohibited , a request for authorization to a 
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resolution authority, which is configured to modify wherein the resolution authority 
modifies the one or more access requirements ; and , in response to a comp arison that 
indieates-th at access by the access candidate is prohibited; and 

granting or denying in whole or in part, [[by]] using the co ntro 1 lcr , in w hole or i n 
p art, the ac c ess candidate access to the secured electronic data based, at least in part, on a 
determination by the resolution authority regarding whether to authorize access ef-the 
access candidate to the secured electronic data, wherein the determination by the 
resolution authority is based on access candidate information and request related 
information. 



30. (Currently Amended) In a data security syst e m having a first security level 
securing one or more r e sources for manipulating electronic data and a s e cond securit y 
level securing access to the electronic data by the one or more resourc e s, a method fo r 
determining an access candidate access to the electronic data, the method An article of 
manufacture including a computer-readable medium having instructions stored thereon, 
execution of which causes a processing device to perform operations comprising: 

receiving , using a processing device, a request for access to [[the]] a first security 
level in a computer network ; 

granting , using the processing device, the access candidate access to the first 
security level based on a comparison of one or more attributes of [[the]] an access 
candidate with one or more access requirements associated with the first security level; 

receiving , using the processing device, a request for access to [[the]] a second 
security level in the computer network ; and 

submitting , using the processing device and in response to a comparison 
indicating that access by the access candidate is prohibited, a request for authorization to 
a resolution authority, w hich is configured to modify wherein the resolution authority 
modifies one or more access requirements associated with the second security level t4« 
r^sponse-4o-a-ee mparison of one or more attributes of the iH^ss-eamlklate^itl^e-one 
ernfftere access requ irements associated with the second seeurity-le-veUhat--mdi€ates-4hat 
access to the sec ond-seeu rity level by the access candidtite-isi^>ibite€l^Kl4o-d^Hn-iRe 
wh e ther to autho rize th e acc e ss candidate access to the sec e^-s^eurity4e¥eh 
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31. (Currently Amended) The method as in article of manufacture of Claim 30, 
further comprising granting the access candidate access to the second security level in 
response to a comparison of the one or more attributes of the access candidate with the 
one or more access requirements associated with the second security level ttet-mdieates 
indicating that access to the second security level by the access candidate is not 
prohibited. 

32. (Currently Amended) The method as in article of manufacture of Claim 30, 
further comprising the step of denying the access candida te access to the second security 
level if the resolution authority denies authorization. 

33. (Currently Amended) The method as in article of manufacture of Claim 30, 
wherein the one or more attributes of the access candidate is represented as part of a 
graphical display associated with the access candidate and accessed for display via a 
network. 

34. (Currently Amended) The method as in article of manufacture of Claim 30, 
wherein the one or more access requirements associated with the first security level 
relates to at least one of: a valid data access agreement with the access candidate; a 
current location of the access candidate; or a citizenship status of the access candidate. 

35. (Currently Amended) The method as in article of manufacture of Claim 34, 
wherein the one or more attributes of the access candidate relates to at least one of: an 
indication of whether the access candidate has a data access agreement; a current 
location of the access candidate; or[[,]] a citizenship status of the access candidate. 

36. (Currently Amended) The method as in article of manufacture of Claim 30, 
wherein the one or more access requirements associated with the second security level 
relates to at least one of a current location of the access candidate or a citizenship status 
of the access candidate. 
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37. (Currently Amended) The method as in article of manufacture of Claim 30, 
wherein at least one of the request for access to the first security level or the request for 
access to the second security level is submitted by one or more sponsors. 

38. (Currently Amended) The method as in claim 1, further comprising determining 
the-aHth^rizatie n, by the resolution authority, by granting a waiver of the ©ne-er-«ere 
access requirements, associated with the secured electrom e-datar 

39. (Cancelled) 

40. (Cancelled) 

41. (Currently Amended) The method of claim 1, further comprising receiving 
supplemental evidence verifying the attributes of the attributes of the access candidate. 

42. (Previously Presented) The system of claim 15, wherein the data subsets are 
separated into the at least one data class based on a data provider of the data. 

43. (New) The method of claim 15, wherein the physical access comprises physical 
access to a facility housing the computer workstation. 

44. (New) The method of claim 15, wherein the physical access comprises logging 
on to the computer workstation. 
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